Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8242068 Signed JAR support for RSASSA-PSS and EdDSA
  3. JDK-8255132

Release Note: Signed JAR Support for RSASSA-PSS and EdDSA

    XMLWordPrintable

    Details

      Description

      This enhancement includes two main changes:

      1. The JarSigner API and the `jarsigner` tool now support signing a JAR file with an RSASSA-PSS or EdDSA key.

      2. Instead of signing the `.SF` file directly, `jarsigner` creates a [SignerInfo signedAttributes field](https://tools.ietf.org/html/rfc5652#section-11) which contains ContentType, MessageDigest, SigningTime, and [CMSAlgorithmProtection](https://tools.ietf.org/html/rfc6211). The field will not be generated if an alternative signing mechanism is specified by the `jarsigner` `-altsigner` option. Please note that although this field was not generated by `jarsigner` before this code change, it has always been supported when parsing the signature. This means newly signed JAR files with the field can be verified by earlier JDK releases.

        Attachments

          Activity

            People

            Assignee:
            weijun Weijun Wang
            Reporter:
            weijun Weijun Wang
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: